Description
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce version 1.2.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.9 or latest
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2002-1592)
WordPress 6.5.x Multiple Vulnerabilities (6.5 - 6.5.4)
WordPress 4.6.x Cross-Domain Flash Injection Vulnerability (4.6 - 4.6.9)
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.9.9)
WordPress Plugin OneSignal-Web Push Notifications Cross-Site Scripting (1.17.7)